System and method for securing a power management apparatus from an attack by verifying acquired data based on statistical processing, data simulation, and watermark verification
Abstract
There is provided an analysis server including a first verifying unit that analyzes data acquired from a local power management system composed of an electronic appliance provided with a sensor and a power management apparatus managing power supply to the electronic appliance connected to a power network, by using history information of the local power management system or data acquired from another local power management system with a power usage state similar to that of the local power management system, a second verifying unit that analyzes the data acquired from the local power management system, by using an estimated value calculated by simulation using characteristics information and/or specification information of the electronic appliance, and a control unit that controls the first verifying unit and the second verifying unit.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. An analysis server comprising:
one or more processors operable to:
analyze a first data acquired from a first local power management system to identify an attack on the first local power management system or abnormalities of an electronic appliance, the first local power management system composed of the electronic appliance provided with a sensor and a power management apparatus managing power supply to the electronic appliance connected to a power network, by using a second data acquired from a second local power management system with a power usage state similar to that of the first local power management system;
analyze the first data acquired from the first local power management system to identify the attack on the first local power management system or the abnormalities of the electronic appliance, by comparing a portion or all of the first data to an estimated value calculated by simulation using characteristics information or specification information of the electronic appliance; and
verify electronic watermark data embedded with time information in the first data acquired from the first local power management system to identify tampering of the first data,
wherein the verification is based on comparison of the embedded electronic watermark data with a predetermined electronic watermark data, and
wherein the predetermined electronic watermark data is generated based on the first data and the time information.
2. The analysis server according to claim 1 , wherein the one or more processors are operable to:
calculate a characterizing amount from the first data acquired from the first local power management system, and judges an operation of the power management apparatus within the first local power management system based on the calculated characterizing amount,
store the first data acquired from the first local power management system as a database, and
take, as a virus definition file, a pattern which has been extracted by analyzing a pattern of the first data for which occurrence of an abnormal operation has been detected.
3. The analysis server according to claim 2 ,
wherein the one or more processors are operable to calculate, based on the first data stored in the database, the characterizing amount used for judgment, and store the calculated characterizing amount in a judgment dictionary.
4. The analysis server according to claim 3 ,
wherein the first data acquired from the first local power management system is a sensor information relating to a battery provided in the power management apparatus within the first local power management system, and
wherein the one or more processors are operable to analyze the sensor information relating to the battery, and specify the battery that is to be excluded from the first local power management system.
5. The analysis server according to claim 4 , wherein the one or more processors are operable to:
calculate an estimated characteristic value of the battery based on the sensor information relating to the battery and electrical specifications of the battery, and
specify the battery to be excluded according to a degree of discrepancy between the calculated estimated characteristic value and the sensor information.
6. The analysis server according to claim 2 ,
wherein the one or more processors are operable to correct a parameter of the simulation by using the first data for which occurrence of the abnormal operation has been detected.
7. The analysis server according to claim 1 ,
wherein the one or more processors are operable to perform analysis of the first data acquired from the first local power management system, by using at least one of a first verification process and a second verification process.
8. A method of securing a power management apparatus, comprising:
analyzing a first data acquired from a first local power management system to identify an attack on the first local power management system or abnormalities of an electronic appliance, the first local power management system composed of the electronic appliance provided with a sensor and the power management apparatus managing power supply to the electronic appliance connected to a power network,
by using a second data acquired from a second local power management system with a power usage state similar to that of the first local power management system;
comparing a portion or all of the first data to an estimated value calculated by simulation using characteristics information or specification information of the electronic appliance; and
verifying electronic watermark data embedded with time information in the first data acquired from the first local power management system to identify tampering of the first data,
wherein the verification is based on comparison of the embedded electronic watermark data with a predetermined electronic watermark data, and
wherein the predetermined electronic watermark data is generated based on the first data and the time information.
9. The analysis server according to claim 1 ,
wherein, in an event, the first data is detected to be tampered based on the comparison of the electronic watermark data with the predetermined electronic watermark data, the one or more processors are further operable to transmit tampering information to the first local power management system.
10. The analysis server according to claim 1 , wherein the time information indicates a current time of the verification of the electronic watermark data.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.